Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/sn9enFOo5Di0o6kJUk6MPqH14H0.roa
File: sn9enFOo5Di0o6kJUk6MPqH14H0.roa (raw, json)
Hash identifier: HqG8TpynNDyog1SKeaKxHZlfBh9O+0BYZVIHoUWfzds=
Subject key identifier: B2:7F:5E:9C:53:A8:E4:38:B4:A3:A9:09:52:4E:8C:3E:A1:F5:E0:7D
Certificate issuer: /CN=c1bf8f3e609072889e74dd0fb4e27f9bac47b3b0
Certificate serial: 018570DE565C9E274AAFF7F75CE8870586C1
Authority key identifier: C1:BF:8F:3E:60:90:72:88:9E:74:DD:0F:B4:E2:7F:9B:AC:47:B3:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wb-PPmCQcoiedN0PtOJ_m6xHs7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/sn9enFOo5Di0o6kJUk6MPqH14H0.roa
Signing time: Mon 02 Jan 2023 05:04:57 +0000
ROA not before: Mon 02 Jan 2023 05:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35588
IP address blocks: 46.33.48.0/22 maxlen: 22
46.33.48.0/21 maxlen: 24
46.33.52.0/22 maxlen: 24
46.33.52.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:de:56:5c:9e:27:4a:af:f7:f7:5c:e8:87:05:86:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1bf8f3e609072889e74dd0fb4e27f9bac47b3b0
Validity
Not Before: Jan 2 05:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b27f5e9c53a8e438b4a3a909524e8c3ea1f5e07d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:84:2c:41:d3:43:67:52:cc:cc:19:45:6b:09:
19:11:d8:c4:e8:d1:7e:c7:9d:3f:7a:9d:88:8d:31:
bc:2b:2e:96:6e:c2:75:6f:34:22:6c:eb:c6:8f:5b:
8a:2f:3a:53:e0:45:11:a9:65:38:6f:cf:3e:65:97:
58:1c:fb:88:9d:c2:c9:00:1f:ff:db:f7:07:73:ae:
91:d6:c6:cb:7b:e1:94:9d:af:f8:29:5f:0a:72:5f:
54:2f:7a:63:9d:d1:82:0b:6a:43:ef:c1:80:c0:7f:
b1:f7:36:d6:47:83:d4:9b:07:8f:94:f7:f2:77:42:
0c:5c:cd:0f:3f:df:63:ba:f9:ac:98:08:4e:2b:1c:
63:46:c2:d6:37:93:47:ed:34:47:39:bc:32:28:6f:
3e:14:25:c7:37:39:12:b6:b8:66:9c:8f:36:9c:fa:
22:a7:38:b8:0d:20:6e:e2:e5:f5:c8:2d:a2:88:81:
67:5e:df:8f:30:ac:f1:43:c5:c6:47:5c:e5:99:68:
0f:e0:97:d6:bb:84:d3:e8:7a:9d:08:0a:37:94:67:
69:08:1d:03:56:2b:87:43:c7:47:3d:9e:14:14:2a:
fe:d4:41:72:f0:8e:48:83:7a:2f:3d:79:02:66:42:
62:c1:37:d0:8d:d4:9b:c9:e5:43:03:db:89:0e:ed:
5a:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:7F:5E:9C:53:A8:E4:38:B4:A3:A9:09:52:4E:8C:3E:A1:F5:E0:7D
X509v3 Authority Key Identifier:
keyid:C1:BF:8F:3E:60:90:72:88:9E:74:DD:0F:B4:E2:7F:9B:AC:47:B3:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wb-PPmCQcoiedN0PtOJ_m6xHs7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/sn9enFOo5Di0o6kJUk6MPqH14H0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/wb-PPmCQcoiedN0PtOJ_m6xHs7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.33.48.0/21
Signature Algorithm: sha256WithRSAEncryption
b1:be:5f:c1:d2:ce:27:93:3b:0a:1e:6c:a6:de:3c:15:6b:e0:
8b:cd:91:0e:14:25:1b:3a:e2:9d:87:5e:ca:f0:89:84:68:1b:
ee:e6:b7:19:f2:21:2e:03:ea:6f:86:44:b9:2d:ab:2c:e9:15:
e4:56:f8:0c:41:56:eb:86:34:8b:c3:e3:c9:ba:43:4a:c8:fb:
57:16:47:25:ce:0e:1f:a3:72:e2:65:2e:28:68:7a:72:33:6e:
ab:f1:18:20:36:0a:67:c3:e7:91:97:51:9a:ab:be:a6:08:2e:
49:07:28:99:f0:cb:79:35:61:7c:fa:68:43:14:d3:3f:e6:94:
fa:db:b5:5b:06:73:af:f9:a2:31:ef:45:57:a4:fb:a5:38:e3:
87:30:87:89:33:97:fa:54:9c:67:c5:87:e7:26:4c:e0:83:64:
f3:3f:3a:2a:08:84:8b:b0:59:70:27:01:44:8e:ec:cc:12:16:
70:e7:12:e8:24:34:cc:3c:61:5c:03:bc:c5:f4:6c:bd:66:ff:
6f:1b:c3:f7:fd:66:4d:fb:5d:a0:b5:25:f6:a9:0d:bb:25:83:
bb:71:7b:4a:4a:d4:98:04:55:a6:21:dd:1d:1f:f7:76:bb:50:
ca:ef:99:b8:d8:0c:d9:a6:b4:11:c7:6a:5f:ba:43:f9:3b:25:
1b:11:6a:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw3lZcnidKr/f3XOiHBYbBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxYmY4ZjNlNjA5MDcyODg5ZTc0ZGQwZmI0ZTI3ZjliYWM0
N2IzYjAwHhcNMjMwMTAyMDUwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjdmNWU5YzUzYThlNDM4YjRhM2E5MDk1MjRlOGMzZWExZjVlMDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoIQsQdNDZ1LMzBlFawkZEdjE6NF+
x50/ep2IjTG8Ky6WbsJ1bzQibOvGj1uKLzpT4EURqWU4b88+ZZdYHPuIncLJAB//
2/cHc66R1sbLe+GUna/4KV8Kcl9UL3pjndGCC2pD78GAwH+x9zbWR4PUmwePlPfy
d0IMXM0PP99juvmsmAhOKxxjRsLWN5NH7TRHObwyKG8+FCXHNzkStrhmnI82nPoi
pzi4DSBu4uX1yC2iiIFnXt+PMKzxQ8XGR1zlmWgP4JfWu4TT6HqdCAo3lGdpCB0D
ViuHQ8dHPZ4UFCr+1EFy8I5Ig3ovPXkCZkJiwTfQjdSbyeVDA9uJDu1aWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLJ/XpxTqOQ4tKOpCVJOjD6h9eB9MB8GA1UdIwQY
MBaAFMG/jz5gkHKInnTdD7Tif5usR7OwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2ItUFBtQ1Fjb2llZE4wUHRPSl9tNnhIczdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9hMWM2YzAtZTc1NC00NzllLTg1MWQt
MGQwZGEwZDEwNDMyLzEvc245ZW5GT281RGkwbzZrSlVrNk1QcUgxNEgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9hMWM2YzAtZTc1NC00NzllLTg1MWQtMGQwZGEwZDEwNDMy
LzEvd2ItUFBtQ1Fjb2llZE4wUHRPSl9tNnhIczdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLiEwMA0G
CSqGSIb3DQEBCwUAA4IBAQCxvl/B0s4nkzsKHmym3jwVa+CLzZEOFCUbOuKdh17K
8ImEaBvu5rcZ8iEuA+pvhkS5Lass6RXkVvgMQVbrhjSLw+PJukNKyPtXFkclzg4f
o3LiZS4oaHpyM26r8RggNgpnw+eRl1Gaq76mCC5JByiZ8Mt5NWF8+mhDFNM/5pT6
27VbBnOv+aIx70VXpPulOOOHMIeJM5f6VJxnxYfnJkzgg2TzPzoqCISLsFlwJwFE
juzMEhZw5xLoJDTMPGFcA7zF9Gy9Zv9vG8P3/WZN+12gtSX2qQ27JYO7cXtKStSY
BFWmId0dH/d2u1DK75m42AzZprQRx2pfukP5OyUbEWr+
-----END CERTIFICATE-----
Generated at Sat Apr 19 04:42:14 2025 by rpki-client